Simora (“us”, “we”, or “our”) operates the Simora website (the “Service”).

This page informs you of our policies regarding the collection, use and disclosure of Personal Information when you use our Service.

We use your Personal Information for providing and improving the Service. By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information Collection and Use

While using our Service, we may ask you to provide personally identifiable information including but not limited to:

• Name
• Email address
• Telephone number
• Address

Performance of Contract: Processing of name, address, email, and payment data is necessary to fulfill orders, deliver digital eSIM products, and issue invoices.

Legitimate Interests: Analysis of log data and site security measures are carried out to optimize our service, prevent fraud, and improve user experience.

Consent: We obtain your explicit consent before sending marketing communications; you may withdraw consent at any time by contacting us or clicking “Unsubscribe.”

When we collect your personal data, we inform you of your rights under the UK GDPR and applicable data protection laws. These rights include accessing your personal data, rectifying inaccurate data, requesting deletion of your data, restricting data processing, objecting to processing, transferring your data to another service, and lodging a complaint with the competent supervisory authority.

2. Log Data

We collect Log Data including IP address, browser type/version, pages visited, time and date of visit, and time spent on pages.

3. Cookies

We use cookies to collect information. You can refuse cookies via browser settings. Without cookies, some parts of the Service may not function.

4. Service Providers

Third-party providers may access your data to support Service operations. They are prohibited from using it for other purposes.

We share data with third parties such as payment processors, hosting providers, email delivery providers, live chat tools, analytics services, and eSIM service providers, solely for providing the Service. All third parties are required to process data in accordance with applicable data protection requirements.

5. Security

We use commercially acceptable means to protect your data, but no method is 100% secure.

6. Links to Other Sites

We may share data with third parties such as payment processors, hosting providers, email delivery providers, live chat tools, analytics services, and eSIM service providers, solely for the purpose of providing the Service.

We are not responsible for third-party site content or privacy practices.

7. Children’s Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from anyone under the age of 18. If we learn that we have collected personal information from a minor without verification of parental consent, we will take steps to delete that information.

During registration, users must confirm they are 18 or older. If we discover that we have collected data from a minor without parental consent, we will promptly delete it.

8. Compliance with Laws

We disclose Personal Information when required to by law, court order, subpoena, or valid legal request.

9. Changes to This Privacy Policy

We may update our policy by posting a new version on this page.

Your Data Protection Rights:

• Access, correction, deletion
• Data portability
• Restriction and objection to processing
• Lodge complaints with the competent supervisory authority

10. Data Retention

Data is retained as long as needed for its purpose, or as legally required.

• Order & Invoice Data: Retained for up to ten (10) years in compliance with tax and accounting laws.
• Marketing Consents: Stored until you withdraw your consent.
• Cookie Preferences: Stored for a maximum of two (2) years.

In the event of a personal data breach, we will notify affected users and the competent supervisory authority within 72 hours where legally required.

After the retention period, personal data is securely deleted or anonymized using industry-standard methods, except where longer retention is required by law.

Backup Caveat: Encrypted backup copies may persist for up to ninety (90) days for disaster-recovery purposes but are not used for active data processing and will be overwritten in the normal course.

11. International Data Transfers

Where personal data is transferred outside the United Kingdom or European Economic Area, such transfers are safeguarded by appropriate contractual and organizational measures, including Standard Contractual Clauses or equivalent safeguards where required.

12. Data Subject Access Requests

You may request access, correction, or deletion of your personal data by emailing [email protected]. We will respond within 30 days where legally required, providing data in a structured, commonly used, and machine-readable format if requested.

13. Data Protection Contact

For all data protection inquiries, please contact us at [email protected].

14. Contact